Software Map

Elhttp is a very light HTTP proxy server, mostly
useful on embedded Linux systems such as ADSL
routers. It supports HTTP 1.1 (keep-alive), the
connect method, IP-based ACLs, SSL relaying, and
client request logging. It runs on most Unix
variants (Linux, *BSD, etc.) and Win32.

adcfw-log is a tool for analyzing firewall logs in
order to extract meaningful information. It is
designed to be a standalone script with very
few requirements that can generate different
kinds of reports, such as fully formatted
reports of what had been logged, with
summaries by source or destination host, the
type of service, or protocol. There are also
options to filter the input data by date, host,
protocol, service, and so on.

iplock is a simple tool for adding or removing IP addresses to your iptables firewall to protect your services such as Apache and Postfix. It reads a configuration file where iptables commands and ports are defined.

layer7-firewall is an easily configured layer seven firewall. It boots from a CD, using a floppy disk for data storage.

theWall is a single floppy firewall and NAT box based on PicoBSD/FreeBSD. The primary aim is to allow a small network to share a cable modem or DSL Internet connection. It currently supports static, DHCP, or PPPoE IP address assignment.

StdioTunnel allows you to tunnel arbitrary TCP
connections through any shell access connection.
If the connection provides a clear 8-bit data path
and allows you to start programs, you can use it
with StdioTunnel. It tunnels TCP connections in
much the same way SSH does, but is useful in
particular cases where SSH port forwarding is
disabled, and it does not require running or
changing the configuration of any server processes
on either side of the connection.

fwdaemon is a Linux firewall runtime backend. Any
client application can communicate with the
fwdaemon and decide what network network flow can
be accepted or which should be dropped.

Modbus/TCP is an open automation protocol used in
a variety of SCADA, PLC, and industrial IO
applications. Modbusfw is a Linux 2.4.x Netfilter
Extension that permits filtering decisions (DROP,
REJECT, etc.) based on application-layer values,
allowing finer-grained access control than is
currently possibly by simply blocking TCP port
502.

Trigger is a robust network automation toolkit that was designed for interfacing with network devices and managing network configuration and security policy. It increases the speed and efficiency of managing large-scale networks while reducing the risk of human error.

Yafig is a LAMP-based firewall rule generator that
creates shell scripts for use with Linux
netfilter/iptables. The user interface is similar
to the FireWall-1 policy editor. Its main features
are Web-based host, network, and service
management. support for multiple policies with
individual password protection, shared objects for
multiple policies, support for chains (default and
custom), and architecture independence.

TN-GW-Scan is a scanner for scanning telnet
proxies. It is implemented using FWTK.

tproxy is a user-space tcp proxy daemon, which has support for firewall transit via telnet proxy, and transmission of out-of-band data.

myfw is firewall based on iptables snipets or
modules. A configuration uses these modules, which
contain Perl code, in order to facilitate the
writing of rules. They can also contain raw
iptables commands. Configs can be pre-defined,
which is useful if you have multiple machines that
need the same firewall rules. It can also generate
ipac-ng rules according to the iptables chains
inserted.